This course covers the fundamentals of live analysis forensics and investigation of endpoints.

Hands-on activities span the entire forensics process, beginning with a FireEye-generated alert and leading to discovery and analysis of the host for evidence of malware and other unwanted intrusion. Analysis of computer systems will be performed using FireEye products and freely available tools.
After completing this course, learners should be able to:
- Describe methods of live analysis
- Demonstrate the ability to plan, execute and report on a digital forensic
- Investigate a Redline triage package using a
- Validate and provide further context for FireEye alerts
- Identify malicious activity hidden among common Windows events
Who Should Attend
Network security professionals and incident responders who must use alerts generated by FireEye products to conduct cyber forensics.

Completion of the Alert Analysis course. Windows systems administration skills. Familiarity with basic command line interface